How to add many IPs to allow for SMTP Relay

Posted on 2011-05-09
Last Modified: 2012-05-11
I have a list of IPs that I need to add to 4 separate Exchange 2003 SP2 servers that we have configured as the Internal Bridgehead servers.
These IPs need to be added to:Protocols-SMTP-Default SMTP Virtual Server-Default SMTP Virtual Server Properties-Access Tab-Relay

Does someone have a script?
Question by:Admin_Stooge
    LVL 8

    Accepted Solution

    If you download the IPSec.vbs utility from microsoft:

    replacing DOM-DC-1 with one of your domain controllers and adding your exchange servers to the list and save as something like AddSMTP.bat

    if you then wanted say to add to the SMTP ACL you would just  run


    if you have a simple Excel sheet with all the allowed server names and IP addresses on them then you can write a simple formula to construct the command for you - and if you ever need to add another server\ rebuild one you can add the ACL easily by pasting into a command line window etc.

    cscript Ipsec.vbs -d DOM-DC1 -o a -r connection -v %1 -m %2 -s Exch-srv01
    cscript Ipsec.vbs -d DOM-DC1 -o a -r accept -v %1 -m %2 -s Exch-srv01
    cscript Ipsec.vbs -d DOM-DC1 -o a -r relay -v %1 -m %2 -s Exch-srv01
    cscript Ipsec.vbs -d DOM-DC1 -o a -r connection -v %1 -m %2 -s Exch-srv02
    cscript Ipsec.vbs -d DOM-DC1 -o a -r accept -v %1 -m %2 -s Exch-srv02
    cscript Ipsec.vbs -d DOM-DC1 -o a -r relay -v %1 -m %2 -s Exch-srv02
    cscript Ipsec.vbs -d DOM-DC1 -o a -r connection -v %1 -m %2 -s Exch-srv03
    cscript Ipsec.vbs -d DOM-DC1 -o a -r accept -v %1 -m %2 -s Exch-srv03
    cscript Ipsec.vbs -d DOM-DC1 -o a -r relay -v %1 -m %2 -s Exch-srv03

    Open in new window

    LVL 8

    Expert Comment

    To remove an entry its just a case of copying the script and changing the operation from "-o a" (add) to "-o d" (delete).

    cscript Ipsec.vbs -d DOM-DC1 -o d -r connection -v %1 -m %2 -s Exch-s

    we have 6 relays with a internal dnsname and it makes keeping them all set the same quite easy.

    Author Comment

    I'm following the instructions from the link you provided.
    I have a text file with the 50 IPs in this format:
    cscript IPsec.vbs –s exchange server name –o a –r relay –d domain controller –v      IP

    I open a cmd prompt and go to C:\ExIpSecurity
    I then run
    C:\ExIpSecurity>addiprelay01.bat > addiprelay01results.txt

    But when checking the output file, I see this:
    Quitting: Syntax incorrect. Type 'ipsec.vbs' for usage.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    How to improve team productivity

    Quip adds documents, spreadsheets, and tasklists to your Slack experience
    - Elevate ideas to Quip docs
    - Share Quip docs in Slack
    - Get notified of changes to your docs
    - Available on iOS/Android/Desktop/Web
    - Online/Offline

    Email statistics and Mailbox database quotas You might have an interest in attaining information such as mailbox details, mailbox statistics and mailbox database details from Exchange server. At that point, knowing how to retrieve this information …
    Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
    In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
    This video discusses moving either the default database or any database to a new volume.

    758 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now